How does a switch learn MAC Addresses

Hi @davidesmith68,

A VLAN separates the mac address tables within the switch so each VLAN behaves a little bit like its own separate dedicated switch.
If a frame is received where the destination mac address is unknown, the switch tries to guarantee delivery by sending a copy to every port it thinks is in the same VLAN. If a port is in a different VLAN, the switch will not send a copy to that port.

VLANs are often used as a security, rather than a performance, feature so we definitely don’t want the switch sending frames from VLAN 100 to VLAN 200 by default.

I hope that clarifies? Kind regards,
Jon

Is there a difference between the unknown vs. broadcast? Based on Rene's statement, it seems to be the same.

David,
The switch’s behavior in regards to unknown vs broadcast is the same, but the intention behind the behavior is different. This relates to the difference between an unknown MAC and a broadcast MAC.

In the case of an unknown MAC, the switch is trying to determine which specific switchport should be associated with that MAC. In the case of a broadcast MAC (FF-FF-FF-FF-FF-FF), the switch isn’t trying to learn anything–it is simply doing what it is told: send this frame to all ports, except where it was received.

Hi Rene,
Good day…
We have seen some static MAC entries in the MAC table by default. Where do those MACs in the MAC table come from?

L3_SW-2#show mac address-table static                       
Unicast Entries
 vlan     mac address     type        protocols               port
---------+---------------+--------+---------------------+-------------------------
 200      64f6.9da6.7a7f    static ip,ipx,assigned,other Switch                     
 201      0000.0c07.acc9    static ip,ipx,assigned,other Switch                     
 201      64f6.9da6.7a7f    static ip,ipx,assigned,other Switch                     
 202      64f6.9da6.7a7f    static ip,ipx,assigned,other Switch                     
 203      0000.0c07.accb    static ip,ipx,assigned,other Switch                     
 203      64f6.9da6.7a7f    static ip,ipx,assigned,other Switch                     
 300      64f6.9da6.7a7f    static ip,ipx,assigned,other Switch                     
 350      64f6.9da6.7a7f    static ip,ipx,assigned,other Switch                     
 400      0000.0c07.ac28    static ip,ipx,assigned,other Switch                     
 400      64f6.9da6.7a7f    static ip,ipx,assigned,other Switch                     
 500      64f6.9da6.7a7f    static ip,ipx,assigned,other Switch

br//zaman

These are some built-in MAC addresses that are used by protocols. For example, 0000.0c07.accb is used by HSRP.
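As an added example (not part of the original thread), the sketch below parses a few rows of the output posted above, decodes the group number from each HSRP virtual MAC, and reports static entries that are neither HSRP nor in a reviewed baseline. It relies on the HSRP version 1 convention that the virtual MAC is 0000.0c07.acXX with XX the group number in hex; the function names and the baseline set are assumptions made for the illustration.

```python
import re

# Rows copied from the post above (a subset that covers each case).
SAMPLE = """\
 vlan     mac address     type        protocols               port
---------+---------------+--------+---------------------+-------------------------
 200      64f6.9da6.7a7f    static ip,ipx,assigned,other Switch
 201      0000.0c07.acc9    static ip,ipx,assigned,other Switch
 201      64f6.9da6.7a7f    static ip,ipx,assigned,other Switch
 203      0000.0c07.accb    static ip,ipx,assigned,other Switch
 400      0000.0c07.ac28    static ip,ipx,assigned,other Switch
"""

ROW = re.compile(
    r"^\s*(\d+)\s+([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\s+(\S+)\s+(\S+)\s+(\S+)\s*$",
    re.IGNORECASE,
)
HSRP_V1 = re.compile(r"^0000\.0c07\.ac([0-9a-f]{2})$")


def parse(text):
    """Return (vlan, mac, type, port) for every data row; header lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            vlan, mac, entry_type, _protocols, port = m.groups()
            rows.append((int(vlan), mac.lower(), entry_type, port))
    return rows


def hsrp_groups(rows):
    """Map VLAN -> HSRPv1 group number for every 0000.0c07.acXX entry."""
    groups = {}
    for vlan, mac, _type, _port in rows:
        m = HSRP_V1.match(mac)
        if m:
            groups[vlan] = int(m.group(1), 16)
    return groups


def unexpected(rows, baseline):
    """Static entries that are neither HSRPv1 virtual MACs nor in the baseline set."""
    return [(vlan, mac) for vlan, mac, entry_type, _port in rows
            if entry_type == "static" and not HSRP_V1.match(mac)
            and mac not in baseline]


if __name__ == "__main__":
    rows = parse(SAMPLE)
    print(hsrp_groups(rows))
    # Hypothetical baseline: addresses an operator has already reviewed.
    print(unexpected(rows, baseline={"64f6.9da6.7a7f"}))
```

Running the same check against a saved baseline after each change window makes a newly appearing static entry stand out.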

Hello Rene,
I have a question: I have a network printer that did not pull a MAC address on the switch port. I replaced the NIC card, tested the cables, changed the switch port, no port security on the port, still no MAC address.
Then I assigned an IP address, and then I could pull the MAC address and I could ping it.
Any idea why this happened?
Thanks in advance

Hi Wisam,

You mean you configured an IP address on the printer? Once the switch receives a single Ethernet frame on an interface, it will learn the MAC address. Most network printers use a DHCP client to get an IP address by default, so even if you take it out of the box and plug in the power, it should generate some network traffic.

You can also connect a laptop with Wireshark directly to your printer, see if it generates any traffic.

Hi Rene,
Does a switch have a MAC address? If yes, when and how will it be used?

Hello Mohammad

Yes, all switches have a MAC address. How this MAC address is implemented depends on the vendor. Some switches have the same MAC address on all ports. Cisco switches have a different MAC address on each port and one main MAC address that refers to the switch itself. These MAC addresses are only used for traffic that is destined to or generated from the switch itself. For traffic from one PC to another for example, these MAC addresses don’t play any role.

Some specific uses for the MAC addresses of switches include:

* terminating traffic to and from the switch itself
* determining the root bridge when using STP

I hope this has been helpful!

Laz

Hi Rene,
I understood ARP and Switching (I hope). Thank you for a very good explanation as always.
My question-- is it the host who always starts the ARP process? Does a switch ever get a chance to initiate ARP?

I believe there is a difference. Unknown is a case of unicast. In unicast the source and destination address are present and they are unique (I mean individual value). But in case of broadcast, it is intended for all hosts in the network (FF:FF:FF:FF:FF:FF).

Now the interesting thing is how the receivers will react to the unicast and broadcast. In case of unicast, only the host with a matching destination address will respond but the rest will simply drop the packet. But in case of broadcast, there will be a reply from each of the receiving hosts to the source MAC. @andrew Please correct me if my understanding is not appropriate.

Hi Rosna,

Any device that has an IP address needs ARP. After all, if it wants to send an IP packet with a destination IP address, it has to figure out what the layer two MAC address is.

On a layer two switch, you still might want to configure an IP address. Here are some reasons:

- To manage it remotely through telnet or SSH.
- So it can send syslog messages to an external server.
- So you can use SNMP to monitor the switch.

It is possible that a switch is the initiator of the ARP process. For example, perhaps you just rebooted it and it wants to send syslog information to some syslog server…in that case, it will send an ARP request for the syslog server that you have configured on the switch.

Hope this helps!

Rene

Rene, please check the link for the ARP lesson because it brings me to the Course section.

Hello Juan.

Here’s the correct link to the lesson you’re looking for:

I’ll let Rene know about the broken link in his message…

I hope this has been helpful!

Laz

In your example, H1 is trying to send traffic to H2 and H1 already knows the MAC of H2. So I understand H1 knows the dest MAC due to sending an ARP. However, if it had sent an ARP, why is the switch mac address table empty? Wouldn’t the switch already have the mac address for H2 in its table due to the arp reply that told H1 what H2’s mac address was?

Hello David

You are absolutely right. The switch would know the MAC address of H3 due to the ARP request it had originally sent. However, this procedure of the ARP request and response is not included in the example for simplicity, so that we can focus on the way in which the switch learns MAC addresses via frames sent between devices.

Thanks for the insight.

Laz

In response to the comment on Oct. 13:

Rene’ jumped ahead of himself just a bit at the beginning of the video. Initially, computer A will not know the destination MAC address of computer B. The initial frame Rene drew would have a source MAC of AAA and a destination MAC of FF:FF:FF:FF:FF:FF (“all ones”) so that the switch is forced to flood the frame out all ports (and as Rene’ noted, it will flood it anyway in this case because the switch initially hasn’t learned what port it can reach MAC address BBB on).

Rene’,

In your first drawing, host AAA already knows about host BBB. For those new to this, I think it would be helpful to redraw that first pic and show the destination mac address of FFF and go on to explain how host AAA would send its first frame (destined for host 2) with a destination mac address of FFF (since it hasn’t communicated with host 2 yet) and how that frame would reach all devices (since it is a broadcast frame).

Hello Andy

Actually, the destination MAC address in the frame will not be the broadcast MAC address, but it will be the MAC address of the destination host, H2. The frames as they are displayed in both the video and the images are correct.

If the switch does not have the MAC address of H2 in its address table, it will receive the frame and flood it out of all of its ports except the port on which it arrived. All hosts will receive the frame and check the destination address of BBB and compare it to their own. H3 will discard it, however H2 will keep it because its MAC address matches the destination MAC address. This is how devices know that a frame that arrives on their NIC belongs to them (or not).

If the address was the broadcast MAC address of FF:FF:FF:FF:FF:FF, then all devices would accept the frame and begin decapsulating it, because it is a broadcast and broadcasts are intended for everyone.

Now you mentioned that A will NOT know the destination MAC address of computer B. In this example, A does know the destination MAC address. However, if it does not, then another mechanism, independent of that shown in this lesson, would be used to learn this MAC address. This mechanism is known as an ARP request. You can find out more about this at the following lesson:

I hope this has been helpful!

Laz
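The forwarding behaviour discussed in this thread (a separate MAC table per VLAN, learning from the source address, flooding an unknown unicast, always flooding a broadcast, and hosts filtering on the destination address) can be modelled in a few lines. This is an added example, not part of the original thread; the port names, VLAN numbers and host MAC addresses are constructed for the illustration, and only access ports are modelled.

```python
BROADCAST = "ffff.ffff.ffff"


class Switch:
    """Toy layer-2 switch: one MAC table per VLAN, access ports only."""

    def __init__(self, port_vlans):
        self.port_vlans = port_vlans   # port name -> access VLAN
        self.tables = {}               # VLAN -> {mac: port}

    def receive(self, in_port, src, dst):
        """Learn the source, then return (action, list of egress ports)."""
        vlan = self.port_vlans[in_port]
        table = self.tables.setdefault(vlan, {})
        table[src] = in_port           # learning only ever uses the source MAC
        same_vlan = sorted(p for p, v in self.port_vlans.items()
                           if v == vlan and p != in_port)
        if dst == BROADCAST:
            return "broadcast", same_vlan      # nothing to look up, always flooded
        if dst in table:
            if table[dst] == in_port:
                return "filter", []            # destination sits on the ingress port
            return "forward", [table[dst]]
        return "flood", same_vlan              # unknown unicast, this VLAN only


def host_accepts(host_mac, dst):
    """A NIC keeps frames addressed to its own MAC or to the broadcast MAC."""
    return dst in (host_mac, BROADCAST)


def demo():
    # Constructed topology: three hosts in VLAN 100, one port in VLAN 200.
    sw = Switch({"Fa0/1": 100, "Fa0/2": 100, "Fa0/3": 100, "Fa0/4": 200})
    aaa, bbb = "0000.0000.0aaa", "0000.0000.0bbb"
    steps = [
        sw.receive("Fa0/1", aaa, bbb),         # BBB unknown: flood within VLAN 100
        sw.receive("Fa0/2", bbb, aaa),         # AAA already learned: forward
        sw.receive("Fa0/1", aaa, bbb),         # BBB now learned: forward
        sw.receive("Fa0/1", aaa, BROADCAST),   # broadcast: flood within VLAN 100
    ]
    return sw, steps


if __name__ == "__main__":
    switch, results = demo()
    for result in results:
        print(result)
    print(switch.tables)
```

In every step the port in VLAN 200 is absent from the egress list, which is the isolation property described at the top of the thread.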

Thanks for this good video.
I understand that, in the second figure, when an Ethernet frame starts from H1 and is sent to H4, the source MAC is fa016.3E40.F97D (from H1) and the destination MAC is fa16.3E02.9079 (to H4).
My question is: when this Ethernet frame travels from sw1 to sw2, does the source or destination MAC change to the sw1 MAC or sw2 MAC (these MACs are not shown in the figure)? Or does it keep the same source and destination MAC address all along its way until the end? (With H1 and H4 and all the equipment staying in the same broadcast domain; no router here.)

Then this command on sw1 (or sw2):
show cdp neighbors detail
will show a MAC address which has probably never been present in the MAC address table: the MAC of the other switch.
Am I OK?